|
|
|
|
|
|
by ratww
1548 days ago
|
|
|
> But opt-out should not set anything. I don't know what you mean by "local cookie", a cookie is always sent over the wire by HTTP. If you mean saving to LocalStorage, then I don't think that's allowed either. It is allowed for this case. You must save a cookie (or a localStorage value) with the user preferences to avoid showing the cookie banner again. Simplifying: cookies are fine under GDPR as long as they don't carry PII (Personal Identifiable Information). You don't have to ask for consent to store those. They're called "Strictly necessary cookies" in GDPR lingo. (And, of course you can't use any of those to track, though. Intent matters.) And you can save cookies using a Javascript API. That doesn't involve HTTP requests. The cookie will be sent to the server in future requests, though. |
|
|